A Virtual Cybersecurity Department for Securing Digital Twins in Water Distribution Systems

Digital twins DTs help improve real-time monitoring and decision-making in water distribution systems. However, their connectivity makes them easy targets for cyberattacks such as scanning, denial-of-service DoS, and unauthorized access. Small and medium-sized enterprises SMEs that manage these...

Leveraging LLM to Strengthen ML-Based Cross-Site Scripting Detection

According to the Open Web Application Security Project OWASP, Cross-Site Scripting XSS is a critical security vulnerability. Despite decades of research, XSS remains among the top 10 security vulnerabilities. Researchers have proposed various techniques to protect systems from XSS attacks, with...

JailbreaksOverTime: Detecting Jailbreak Attacks under Distribution Shift

Safety and security remain critical concerns in AI deployment. Despite safety training through reinforcement learning with human feedback RLHF 32, language models remain vulnerable to jailbreak attacks that bypass safety guardrails. Universal jailbreaks - prefixes that can circumvent alignment fo...

A Study on Mixup-Inspired Augmentation Methods for Software Vulnerability Detection

Various deep learning DL methods have recently been utilized to detect software vulnerabilities. Real-world software vulnerability datasets are rare and hard to acquire, as there is no simple metric for classifying vulnerability. Such datasets are heavily imbalanced, and none of the current...

CVE-2025-31328

SAP Learning Solution is vulnerable to Cross-Site Request Forgery CSRF, allowing an attacker to trick authenticated user into sending unintended requests to the server. GET-based OData function is named in a way that it violates the expected behaviour. This issue could impact both the...

TSCL:Multi-Party Loss Balancing Scheme for Deep Learning Image Steganography Based on Curriculum Learning

For deep learning-based image steganography frameworks, in order to ensure the invisibility and recoverability of the information embedding, the loss function usually contains several losses such as embedding loss, recovery loss and steganalysis loss. In previous research works, fixed loss weight...

Performance of Machine Learning Classifiers for Anomaly Detection in Cyber Security Applications

This work empirically evaluates machine learning models on two imbalanced public datasets KDDCUP99 and Credit Card Fraud 2013. The method includes data preparation, model training, and evaluation, using an 80/20 train/test split. Models tested include eXtreme Gradient Boosting XGB, Multi Layer...

New whitepaper outlines the taxonomy of failure modes in AI agents

We are releasing a taxonomy of failure modes in AI agents to help security professionals and machine learning engineers think through how AI systems can fail and design them with safety and security in mind. The taxonomy continues Microsoft AI Red Team's work to lead the creation of systematizati...

Quantum Autoencoder for Multivariate Time Series Anomaly Detection

Anomaly Detection AD defines the task of identifying observations or events that deviate from typical - or normal - patterns, a critical capability in IT security for recognizing incidents such as system misconfigurations, malware infections, or cyberattacks. In enterprise environments like SAP...

Contrastive Learning for Continuous Touch-Based Authentication

Smart mobile devices have become indispensable in modern daily life, where sensitive information is frequently processed, stored, and transmitted-posing critical demands for robust security controls. Given that touchscreens are the primary medium for human-device interaction, continuous user...

STCL: Curriculum Learning Strategies for Deep Learning Image Steganography Models

Whitepaper called STCL: Curriculum Learning Strategies For Deep Learning Image Steganography Models...

Evaluating the Vulnerability of ML-Based Ethereum Phishing Detectors to Single-Feature Adversarial Perturbations

This paper explores the vulnerability of machine learning models to simple single-feature adversarial attacks in the context of Ethereum fraudulent transaction detection. Through comprehensive experimentation, we investigate the impact of various adversarial attack strategies on model performance...

Differential Privacy-Driven Framework for Enhancing Heart Disease Prediction

With the rapid digitalization of healthcare systems, there has been a substantial increase in the generation and sharing of private health data. Safeguarding patient information is essential for maintaining consumer trust and ensuring compliance with legal data protection regulations. Machine...

Semantic-Aware Contrastive Fine-Tuning: Boosting Multimodal Malware Classification with Discriminative Embeddings

The rapid evolution of malware variants requires robust classification methods to enhance cybersecurity. While Large Language Models LLMs offer potential for generating malware descriptions to aid family classification, their utility is limited by semantic embedding overlaps and misalignment with...

Optimized Approaches to Malware Detection: a Study of Machine Learning and Deep Learning Techniques

Digital systems find it challenging to keep up with cybersecurity threats. The daily emergence of more than 560,000 new malware strains poses significant hazards to the digital ecosystem. The traditional malware detection methods fail to operate properly and yield high false positive rates with l...

[SECURITY] Fedora 41 Update: moodle-4.4.8-1.fc41

Moodle is a course management system CMS - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning communities...

[SECURITY] Fedora 42 Update: moodle-4.5.4-1.fc42

Moodle is a course management system CMS - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning communities...

Snorkeling in Dark Waters: a Longitudinal Surface Exploration of Unique Tor Hidden Services (Extended Version)

The Onion Router Tor is a controversial network whose utility is constantly under scrutiny. On the one hand, it allows for anonymous interaction and cooperation of users seeking untraceable navigation on the Internet. This freedom also attracts criminals who aim to thwart law enforcement...

Private Federated Learning Using Preference-Optimized Synthetic Data

In practical settings, differentially private Federated learning DP-FL is the dominant method for training models from private, on-device client data. Recent work has suggested that DP-FL may be enhanced or outperformed by methods that use DP synthetic data Wu et al., 2024; Hou et al., 2024. The...

A Collaborative Intrusion Detection System Using Snort IDS Nodes

Intrusion Detection Systems IDSs are integral to safeguarding networks by detecting and responding to threats from malicious traffic or compromised devices. However, standalone IDS deployments often fall short when addressing the increasing complexity and scale of modern cyberattacks. This paper...